Search for vulnerabilities
Vulnerability details: VCID-bnsm-8wwf-aaap
Vulnerability ID VCID-bnsm-8wwf-aaap
Aliases CVE-2009-2478
Summary Mozilla Firefox 3.5 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via unspecified vectors, related to a "flash bug."
Status Published
Exploitability 2.0
Weighted Severity 9.0
Risk 10.0
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-189 Numeric Errors
System Score Found at
epss 0.00685 https://api.first.org/data/v1/epss?cve=CVE-2009-2478
epss 0.00685 https://api.first.org/data/v1/epss?cve=CVE-2009-2478
epss 0.00685 https://api.first.org/data/v1/epss?cve=CVE-2009-2478
epss 0.00685 https://api.first.org/data/v1/epss?cve=CVE-2009-2478
epss 0.00685 https://api.first.org/data/v1/epss?cve=CVE-2009-2478
epss 0.00685 https://api.first.org/data/v1/epss?cve=CVE-2009-2478
epss 0.00685 https://api.first.org/data/v1/epss?cve=CVE-2009-2478
epss 0.00685 https://api.first.org/data/v1/epss?cve=CVE-2009-2478
epss 0.00685 https://api.first.org/data/v1/epss?cve=CVE-2009-2478
epss 0.00685 https://api.first.org/data/v1/epss?cve=CVE-2009-2478
epss 0.00685 https://api.first.org/data/v1/epss?cve=CVE-2009-2478
epss 0.00685 https://api.first.org/data/v1/epss?cve=CVE-2009-2478
epss 0.00685 https://api.first.org/data/v1/epss?cve=CVE-2009-2478
epss 0.00690 https://api.first.org/data/v1/epss?cve=CVE-2009-2478
epss 0.00690 https://api.first.org/data/v1/epss?cve=CVE-2009-2478
epss 0.00690 https://api.first.org/data/v1/epss?cve=CVE-2009-2478
epss 0.00690 https://api.first.org/data/v1/epss?cve=CVE-2009-2478
epss 0.04071 https://api.first.org/data/v1/epss?cve=CVE-2009-2478
epss 0.04071 https://api.first.org/data/v1/epss?cve=CVE-2009-2478
epss 0.04071 https://api.first.org/data/v1/epss?cve=CVE-2009-2478
epss 0.04071 https://api.first.org/data/v1/epss?cve=CVE-2009-2478
epss 0.04071 https://api.first.org/data/v1/epss?cve=CVE-2009-2478
epss 0.04071 https://api.first.org/data/v1/epss?cve=CVE-2009-2478
epss 0.04071 https://api.first.org/data/v1/epss?cve=CVE-2009-2478
epss 0.04071 https://api.first.org/data/v1/epss?cve=CVE-2009-2478
epss 0.04071 https://api.first.org/data/v1/epss?cve=CVE-2009-2478
epss 0.04071 https://api.first.org/data/v1/epss?cve=CVE-2009-2478
epss 0.04071 https://api.first.org/data/v1/epss?cve=CVE-2009-2478
epss 0.04071 https://api.first.org/data/v1/epss?cve=CVE-2009-2478
epss 0.04071 https://api.first.org/data/v1/epss?cve=CVE-2009-2478
epss 0.04071 https://api.first.org/data/v1/epss?cve=CVE-2009-2478
epss 0.04071 https://api.first.org/data/v1/epss?cve=CVE-2009-2478
epss 0.04071 https://api.first.org/data/v1/epss?cve=CVE-2009-2478
epss 0.04071 https://api.first.org/data/v1/epss?cve=CVE-2009-2478
epss 0.04071 https://api.first.org/data/v1/epss?cve=CVE-2009-2478
epss 0.04071 https://api.first.org/data/v1/epss?cve=CVE-2009-2478
epss 0.04071 https://api.first.org/data/v1/epss?cve=CVE-2009-2478
epss 0.04071 https://api.first.org/data/v1/epss?cve=CVE-2009-2478
epss 0.04071 https://api.first.org/data/v1/epss?cve=CVE-2009-2478
epss 0.04071 https://api.first.org/data/v1/epss?cve=CVE-2009-2478
epss 0.04071 https://api.first.org/data/v1/epss?cve=CVE-2009-2478
epss 0.04071 https://api.first.org/data/v1/epss?cve=CVE-2009-2478
epss 0.04071 https://api.first.org/data/v1/epss?cve=CVE-2009-2478
epss 0.04071 https://api.first.org/data/v1/epss?cve=CVE-2009-2478
epss 0.04071 https://api.first.org/data/v1/epss?cve=CVE-2009-2478
epss 0.04071 https://api.first.org/data/v1/epss?cve=CVE-2009-2478
epss 0.04071 https://api.first.org/data/v1/epss?cve=CVE-2009-2478
epss 0.04071 https://api.first.org/data/v1/epss?cve=CVE-2009-2478
epss 0.04071 https://api.first.org/data/v1/epss?cve=CVE-2009-2478
epss 0.04071 https://api.first.org/data/v1/epss?cve=CVE-2009-2478
epss 0.04071 https://api.first.org/data/v1/epss?cve=CVE-2009-2478
epss 0.04071 https://api.first.org/data/v1/epss?cve=CVE-2009-2478
epss 0.04071 https://api.first.org/data/v1/epss?cve=CVE-2009-2478
epss 0.04071 https://api.first.org/data/v1/epss?cve=CVE-2009-2478
epss 0.04071 https://api.first.org/data/v1/epss?cve=CVE-2009-2478
epss 0.04071 https://api.first.org/data/v1/epss?cve=CVE-2009-2478
epss 0.04071 https://api.first.org/data/v1/epss?cve=CVE-2009-2478
epss 0.04071 https://api.first.org/data/v1/epss?cve=CVE-2009-2478
epss 0.04071 https://api.first.org/data/v1/epss?cve=CVE-2009-2478
epss 0.04071 https://api.first.org/data/v1/epss?cve=CVE-2009-2478
epss 0.04071 https://api.first.org/data/v1/epss?cve=CVE-2009-2478
epss 0.04071 https://api.first.org/data/v1/epss?cve=CVE-2009-2478
epss 0.04071 https://api.first.org/data/v1/epss?cve=CVE-2009-2478
epss 0.04071 https://api.first.org/data/v1/epss?cve=CVE-2009-2478
epss 0.04071 https://api.first.org/data/v1/epss?cve=CVE-2009-2478
epss 0.04071 https://api.first.org/data/v1/epss?cve=CVE-2009-2478
epss 0.04071 https://api.first.org/data/v1/epss?cve=CVE-2009-2478
epss 0.04071 https://api.first.org/data/v1/epss?cve=CVE-2009-2478
epss 0.04071 https://api.first.org/data/v1/epss?cve=CVE-2009-2478
epss 0.04071 https://api.first.org/data/v1/epss?cve=CVE-2009-2478
epss 0.04071 https://api.first.org/data/v1/epss?cve=CVE-2009-2478
epss 0.04071 https://api.first.org/data/v1/epss?cve=CVE-2009-2478
epss 0.04071 https://api.first.org/data/v1/epss?cve=CVE-2009-2478
epss 0.04071 https://api.first.org/data/v1/epss?cve=CVE-2009-2478
epss 0.04071 https://api.first.org/data/v1/epss?cve=CVE-2009-2478
epss 0.04071 https://api.first.org/data/v1/epss?cve=CVE-2009-2478
epss 0.04071 https://api.first.org/data/v1/epss?cve=CVE-2009-2478
epss 0.04071 https://api.first.org/data/v1/epss?cve=CVE-2009-2478
epss 0.05565 https://api.first.org/data/v1/epss?cve=CVE-2009-2478
rhbs urgent https://bugzilla.redhat.com/show_bug.cgi?id=511228
cvssv2 5.0 https://nvd.nist.gov/vuln/detail/CVE-2009-2478
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2478.json
https://api.first.org/data/v1/epss?cve=CVE-2009-2478
https://bugzilla.mozilla.org/show_bug.cgi?id=502648
https://bugzilla.mozilla.org/show_bug.cgi?id=503286
https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00909.html
511228 https://bugzilla.redhat.com/show_bug.cgi?id=511228
cpe:2.3:a:mozilla:firefox:3.5:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:3.5:*:*:*:*:*:*:*
CVE-2009-2478 https://nvd.nist.gov/vuln/detail/CVE-2009-2478
GLSA-201301-01 https://security.gentoo.org/glsa/201301-01
OSVDB-55932;CVE-2009-2478 Exploit https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/9181.py
Data source Exploit-DB
Date added July 12, 2009
Description Mozilla Firefox 3.5 - Font tags Remote Buffer Overflow
Ransomware campaign use Known
Source publication date July 13, 2009
Exploit type remote
Platform windows
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2009-2478
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.80462
EPSS Score 0.00685
Published At Nov. 1, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.